C
C
RSAP Union API - Get OAuth2 Access Token
See more _Miscellaneous_ Examples
Demonstrates how to get an OAuth2 access token for the RSAP Union API. Note: This uses the client credentials flow, which does NOT require an interactive engagement using a browser.Chilkat C Downloads
#include <C_CkHttp.h>
#include <C_CkJsonObject.h>
#include <C_CkCert.h>
#include <C_CkPrivateKey.h>
#include <C_CkHttpResponse.h>
#include <C_CkStringBuilder.h>
void ChilkatSample(void)
{
BOOL success;
HCkHttp http;
HCkJsonObject json;
HCkCert cert;
HCkPrivateKey privKey;
HCkHttpResponse resp;
HCkStringBuilder sbResponseBody;
HCkJsonObject jResp;
int respStatusCode;
success = FALSE;
// This example assumes the Chilkat API to have been previously unlocked.
// See Global Unlock Sample for sample code.
http = CkHttp_Create();
// The following JSON is sent in the request body.
// {
// "grant_type": "client_credentials",
// "client_id": 1234,
// "client_secret": "23456abcde"
// }
json = CkJsonObject_Create();
CkJsonObject_UpdateString(json,"grant_type","client_credentials");
CkJsonObject_UpdateInt(json,"client_id",1234);
CkJsonObject_UpdateString(json,"client_secret","23456abcde");
CkHttp_SetRequestHeader(http,"Content-type","application/json");
// Add the client certificate TLS authentication.
cert = CkCert_Create();
success = CkCert_LoadFromFile(cert,"qa_data/certs_and_keys/union_client_certificate.crt");
if (success == FALSE) {
printf("%s\n",CkCert_lastErrorText(cert));
CkHttp_Dispose(http);
CkJsonObject_Dispose(json);
CkCert_Dispose(cert);
return;
}
privKey = CkPrivateKey_Create();
success = CkPrivateKey_LoadAnyFormatFile(privKey,"qa_data/certs_and_keys/union_client_certificate.nopass.key","");
if (success == FALSE) {
printf("%s\n",CkPrivateKey_lastErrorText(privKey));
CkHttp_Dispose(http);
CkJsonObject_Dispose(json);
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
return;
}
// Associate the private key with the cert.
// This will fail if the private key is not actually the correct one that corresponds to the public key stored within the cert.
success = CkCert_SetPrivateKey(cert,privKey);
if (success == FALSE) {
printf("%s\n",CkCert_lastErrorText(cert));
CkHttp_Dispose(http);
CkJsonObject_Dispose(json);
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
return;
}
// Tell HTTP to use the cert for client TLS certificate authentication.
success = CkHttp_SetSslClientCert(http,cert);
if (success == FALSE) {
printf("%s\n",CkHttp_lastErrorText(http));
CkHttp_Dispose(http);
CkJsonObject_Dispose(json);
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
return;
}
resp = CkHttpResponse_Create();
success = CkHttp_HttpJson(http,"POST","https://api-test.rsap.ca/oauth/token",json,"application/json",resp);
if (success == FALSE) {
printf("%s\n",CkHttp_lastErrorText(http));
CkHttp_Dispose(http);
CkJsonObject_Dispose(json);
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
CkHttpResponse_Dispose(resp);
return;
}
sbResponseBody = CkStringBuilder_Create();
CkHttpResponse_GetBodySb(resp,sbResponseBody);
jResp = CkJsonObject_Create();
CkJsonObject_LoadSb(jResp,sbResponseBody);
CkJsonObject_putEmitCompact(jResp,FALSE);
printf("Response Body:\n");
printf("%s\n",CkJsonObject_emit(jResp));
respStatusCode = CkHttpResponse_getStatusCode(resp);
printf("Response Status Code = %d\n",respStatusCode);
if (respStatusCode >= 400) {
printf("Response Header:\n");
printf("%s\n",CkHttpResponse_header(resp));
printf("Failed.\n");
CkHttp_Dispose(http);
CkJsonObject_Dispose(json);
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
CkHttpResponse_Dispose(resp);
CkStringBuilder_Dispose(sbResponseBody);
CkJsonObject_Dispose(jResp);
return;
}
// Sample JSON response:
// (Sample code for parsing the JSON response is shown below)
// {
// "token_type": "Bearer",
// "expires_in": 3600,
// "access_token": "eyJ0eXAi...LnE"
// }
// This token expires in 1 hour. Your application could re-use the same token for up to an hour,
// or it can simply get a new access token before each request (if you're not doing too many requests).
success = CkJsonObject_WriteFile(jResp,"qa_data/tokens/rsapToken.json");
CkHttp_Dispose(http);
CkJsonObject_Dispose(json);
CkCert_Dispose(cert);
CkPrivateKey_Dispose(privKey);
CkHttpResponse_Dispose(resp);
CkStringBuilder_Dispose(sbResponseBody);
CkJsonObject_Dispose(jResp);
}